Network security in a borderless world
By Jeff Wilson
TelephonyOnline.com,
Sep 26 2003
Security always has been critical to large organizations—even in the dark ages before the Internet. The Internet, an indiscriminate leveler, has now brought the possibility of being hacked down to even small organizations.
Among small organizations in North America, all but 15% deployed security technologies in 2002. Since small organizations are the slowest to adopt security technologies, it is evident that nearly everyone now uses some form of security. Adoption of security tends to track very closely to the adoption of the Internet, as most organizations deploy security to protect themselves from the hackers that prey on unprotected Internet connections.
Virus scanning and firewalls are the most common security technologies used by most organizations. Intrusion detection/prevention and vulnerability testing will show the strongest growth, primarily due to innovations in both firewalls and intrusion detection products, which will drive easy-to-use, reasonably priced IDS/vulnerability technology into a wide variety of products already being adopted by most organizations with networks (firewalls, secure routers and local area network switches).
The security market is experiencing a shift in technologies and methods that reflects a shift in networking implementation between the early Internet Age (circa 1995) and now. In the early model, a company headquarters had an Internet connection, but connections to partners or branch offices were through a private network. In the case of remote workers, the public network was used. Companies bought a high-priced firewall for their Internet connection, perhaps scattered some virus scanner software about and felt relatively secure. Hacks were possible (hacks are always possible), but at least the number of vulnerable points was limited to a denumerable set.
The Early Security Model
With the increasing usefulness and consequent ubiquity of the Internet’s presence and the advent of virtual private networks, the number of connection points, as well as the knowledge about the connection owners, has increased the risks to networks exponentially. There are more mobile workers, telecommuters and day extenders accessing the network through the Internet. In the case of mobile workers, the facilities used for access—hotels, kiosks, airport lounges—are, from a security viewpoint, black boxes.
The fast growing adoption of wireless LANs within the enterprise and the use of WLAN hotspots by mobile workers are also adding to security fears at many companies. For enterprises enabling wireless mobile users, it is no longer possible for IT managers to know where the edge of their network is, who has access to it and what sort of device they are using.
The Current Security Model
Hackers keep learning new tricks--which is unfortunate for the peace of mind of IT managers, but fortunate and lucrative for security product and service vendors. The security defense market is booming, thanks to the myriad ways in which a company's security can be compromised. Current security products for enterprise networks fall into several dozen categories. But a security manager cannot install two or three products and assume that the company has a complete security solution. Since the market is too innovative for any single manufacturer to attempt a large-scale central management system, each vendor produces their own solution, tailored to a specific segment of the security market.
This muddled situation is starting to improve as manufacturers begin to develop products that integrate multiple technologies and focus on making those products more manageable. There have been a slew of announcements recently about application security, deep inspection firewalls, intrusion prevention, virus scanning in the network and Web security gateways, among other things. Because these products must get better at identifying and stopping attacks, we have entered an era of technical innovation for VPN and security products.
No one knows for sure what will emerge from this intense development period, or what the integrated products will be called. It seems clear at this point that, from a user’s point of view, firewalls are still the foundation of network security. Firewall vendors, however, must find a way to make their firewalls better, which could mean integrating application intelligence with intrusion detection and prevention.
--------------------------------------------------------------------------------
Jeff Wilson is Executive Director of Infonetics Research, San Jose, CA. He can be reached at [email protected].
telephonyonline.com
Posted on Monday, 29 September 2003 @ 05:35:00 EDT by phoenix22